I'm choosing another rather unique path; a personal boycott, if you will. Starting early this morning, I am going to un-friend every single individual on Facebook who voted for Obama, or I even suspect may have Democrat leanings. I will do the same in person. All family and friends, even close family and friends, who I know to be Democrats are hereby dead to me. I vow never to speak to them again for the rest of my life, or have any communications with them. They are in short, the enemies of liberty. They deserve nothing less than hatred and utter contempt.

I strongly urge all other libertarians to do the same. Are you married to someone who voted for Obama, have a girlfriend who voted 'O'. Divorce them. Break up with them without haste. Vow not to attend family functions, Thanksgiving dinner or Christmas for example, if there will be any family members in attendance who are Democrats.

Do you work for someone who voted for Obama? Quit your job. Co-workers who voted for Obama. Simply don't talk to them in the workplace, unless your boss instructs you too for work-related only purposes. Have clients who voted Democrat? Call them up this morning and tell them to take their business elsewhere.

Have a neighbor who votes for Obama? You could take a crap on their lawn. Then again, probably not a good idea since it would be technically illegal to do this.

[...]

When I'm at the Wal-mart or grocery story I typically pay with my debit card. On the pad it comes up, "EBT, Debit, Credit, Cash." I make it a point to say loudly to the check-out clerk, "EBT, what is that for?" She inevitably says, "it's government assistance." I respond, "Oh, you mean welfare? Great. I work for a living. I'm paying for my food with my own hard-earned dollars. And other people get their food for free." And I look around with disgust, making sure others in line have heard me.

Buttons. Boy, you can have a lot of fun with this. I plan to make up a bunch of buttons, and wear them around town, sayings like "Democrats are Communist Pigs," or "Welfare moochers steal from hard-working Americans," "Only Nazis support Seat Belt laws" or "No Smoking Ban: Nanny-Staters go Fuck Yourselves."

[...]

Hell, there were UNITED NATIONS POLL WATCHERS at our polling places yesterday. If that isn't proof enough how far we've gone towards the dark side of international socialism, I don't know what is.

[...]

I say we've got two to three years left before they start rounding up dissenters and sending us off to Nazi-style concentration camps. I've got a little more time, cause I live in Texas.

[...]

I disowned them this morning. On Facebook and through an email. But fortunately my parents are diehard Republicans, and a sister. It's only the fucked up brother in Delaware, piece of shit, scumbag mother fucker who is a Democrat, and another sister in Philly who won't tell me, but I'm almost certain voted for Obama.

They are dead to me now. And I will not under any circumstances attend their funerals in 30 or 40 years.

To me the interesting thing here is that, never mind "community over code", Apache appears to value bureaucracy over community:

Prior to this migration I brought up, on more than one occasion, the topic of git with ASF members and was told that the real barrier was just getting someone to maintain the server and that there was no policy barrier that required subversion. Once a project actually attempted to resolve this by maintaing a server and migrating their project to git they were hit with a whole new slew of requirements along with reasons they should be outright denied the right at all.

[...]

After a fierce battle CouchDB has been allowed to begin the move to git. The process appears to be going well and is being led by committer Paul Davis.

Enter PhoneGap. The PhoneGap project has been on GitHub for quite a while and already contains an enviable list of contributors. The project has been very successful and the move to Apache is a result of Adobe's recent acquisition of Nitobi, creators of PhoneGap.

By ASF regulations the project must spend time in the "Incubator" even though it has already proven itself as a technology and as a community to the rest of the world. The project requested git as its version control rather than subversion, for obvious reasons. The request was met with some hostility and new pressure has now come down on the CouchDB "experiment".

It sounds awfully like some within Apache are more than willing to disrupt an existing developer community for the sake of shielding Apache from the need to adapt.

I've long been amused by the warning in Apache's Incubator process against "excessive fascination with the Apache brand", since so many of the projects going through that process seem to be driven there specifically by some corporate sponsor's desire to find someone "respectable" to catch their code once they throw it over the wall. When this happens, it seems more like spin: we're not abandoning this software, we're contributing it to a serious open source community. It's hard to see any tangible benefit to PhoneGap contributors or users that would derive from joining Apache.

As I arrive at North Brighton station one of Metro's friendly staff announces that the next train will arrive in five minutes. Apparently I blacked out for a little while, because the train arrived before I'd even managed to open my newspaper — still, it's not as though I want to complain about not having to wait for a train.

The journey is uneventful until we pass through Richmond station. Incredibly, the train proceeds directly to Flinders Street without a lengthy delay somewhere near the arse end of Federation Square. I'm on platform 13 at about 8:36.

It's a short walk to platform 10, where the 8:40 Werribee train waits. Things are going really smoothly today.

But don't worry: we can fix that.

As I'm walking toward my carriage, the display goes blank. Another friendly microphone-wielding customer service gentleman confidently confirms that this is, indeed, the 8:40 Werribee train. He proves to be absolutely correct.

But not yet.

As I board, a different announcer declares that the 8:40 Werribee service will now depart from platform 12, right next to the train I'd left five minutes earlier. By the time I get back there, the train has arrived, and when I board the driver confirms that he is heading to Werribee — but not until network congestion clears up ahead. But before he can even finish saying so, yet another helpful Metro employee has boarded the train to share his idea about getting around the congestion: we can all, passengers and driver alike, get out of this train and return to the other one back on platform 10.

Oh, and as my train approaches Footscray station, it's starting to rain. If that train had left on time, I'd've been dry in the office by now.

One of the highlights of YOW Melbourne last week was Guy Steele's talk on designing algorithms for parallelism. He started with a punch card he'd written in the 1960s, which dumped the machine's memory, walking us through the series of contortions required to load it as a debugging tool — limited to one card, self-modifying code to produce 16-bit values in memory which couldn't be read from the 12-bit card, determining experimentally that the hardware permitted "getting away with" certain undefined operations, reading from the address containing an instruction because that instruction happens to be represented by a useful number, and so on.

Steele called it the dirtiest code he had ever written. Not only did later hardware require fewer such "dirty tricks", tools that improve developer productivity — macro assemblers, garbage collection — sometimes take away the degree of control that made many of those tricks possible.

Something else that took me a while to internalize: you have to accept that with Web development, anything that's worth anything will be a hack. Not just prototyping; production code as well. That's hard to swallow when you're used to proper, clean, sterile programming. [...]

And eventually that battery of hacks in your sleeve might make you stand above. My crude and jaded metaphor of Web development is button mashing when playing video games. Everyone hates button mashers, but working with cutting-edge Web really is flying blind a lot of the time — you're trying out all sorts of things that sometimes don't logically make a lot of sense. But they somehow work. If you get used to that mentality and you get familiar with those hacks, you will train your instincts to know which buttons to mash first, and give yourself more buttons as well.

We're not talking about programs restricted to eighty 12-bit columns, we're not talking about getting the most out of early, primitive gaming hardware like the 2600, we're talking writing code for enormously complex machines, conforming to specifications that require millions of lines of code to implement.

Can somebody explain to me why the fuck this is considered acceptable?

Having spent the last eight months working with a team of people producing a high-quality applications for mobile phones, it really pounds home the feeling that writing a browser-based application is like tying your hands behind your back and trying to type with your molars.

The markets want money for cocaine and prostitutes. I am deadly serious.

Most people don't realize that "the markets" are in reality 22-27 year old business school graduates, furiously concocting chaotic trading strategies on excel sheets and reporting to bosses perhaps 5 years senior to them. In addition, they generally possess the mentality and probably intelligence of junior cycle secondary school students. Without knowledge of these basic facts, nothing about the markets makes any sense — and with knowledge, everything does.

What the markets, bond and speculators, etc, want right now is for Ireland to give them a feel good feeling, nothing more.

[...]

In lieu of a proper budget, what the country can do — and what will work — is bribe senior ratings agencies owners and officials to give the country a better rating. Even a few millions spent on bumping up Ireland's rating would save millions and possibly save the country.

Bread and circuses for the masses; cocaine and prostitutes for the markets. This can be looked on a unethical obviously, but since the entire system is unethical, unprincipled and chaotic anyway, why not just exploit that fact to do some good for the nation instead of bankrupting it in an effort to buy new BMWs for unmarried 25 year olds.

There you go. He thinks his carrier is Apple's customer. Thus the conflict, because Apple treats iPhone owners as its customers.

As Gruber would have it, the tension between phone carriers and Apple is over whether the carrier or the customer should have control over the device in that customer's pocket. That is disingenuous.

Here's the real bone of contention: Telstra believes Telstra should control what you can do with your iPhone. Apple believes Apple should control what you can do with your iPhone.

You'll notice the customer doesn't get the final word in either vision. Gruber doesn't care because he happens to think (like a hell of a lot of satisfied customers) that Apple's walled garden is particularly nice.

There's a very straightforward litmus test here: when Apple stops actively seeking to prevent iPhone users installing software other than via the iTunes Store, on that day they can be said to be putting the customer's interests first. Not before.

National Novel Writing Month is imminent. I don't write fiction; for me, NaNoWriMo is just an annual reminder that I neglect my blog. I file this rant under "shit that is stupid that I cannot possibly hope to do anything about".

In an interesting discussion of decentralised addressing (as an alternative to centralised DNS), Daniel Kahn Gillmor writes (ending with slightly less emphasis than I'm using here):

If they're looking for John Smith because the word on the street is that John Smith is a good knitter and they need a pair of socks, they can just examine what information we each publish about ourselves, and decide on a sock-by-sock basis which of us best suits their needs.

But if they're looking for "John Smith" because their cousin said "hey, i know this guy John Smith. I think you would like to argue politics over a beer with him", then what matters is the introduction.

This is how HTTPS should work:

I have an existing relationship with a bank. My trust in them is based on the relationship I have had with them for a decade or two.

I want to use Internet banking services, but there are two vital precautions I need to take. Anyone could be observing the traffic between my computer and my bank, and use what they observe to steal my money. Encryption prevents the "man in the middle" from reading the data travelling between me and my bank. But, more subtly, an attacker could manipulate the network to force my web browser to connect to a hostile server instead of the bank's server. It is obvious to everyone who has used Internet banking that I need to prove to the bank that I am the customer I say I am, but it is equally important that the bank's web server proves to me that it really does belong to the bank. We need mutual authentication.

I get, from the bank itself, both my credentials and some means for my computer to verify that the web site it is communicating with really is the bank's. Perhaps they post some sort of token to me, much as they handle credit and debit cards. Or if I don't trust the post, I could go into a branch and collect something in person.

I go to the web site, and my computer is able to confirm that I have an encrypted channel that really is reaching the party I trust.

But this is how HTTPS actually works:

I have the relationship with a bank, and I want to use their Internet services.

The bank issues credentials I can use to prove my identity to them.

I then tell my web browser to go to my bank's web site. To determine whether or not it really is the right site, the server sends a certificate asserting that one of several dozen organisations I have no relationship with and therefore no particular reason to trust has verified that the site belongs to my bank. (Who creates this list of organisations? The company I already trust to provide the web browser itself. So the scheme — a word that sits uncomfortably close in the dictionary to "scam" — is not completely without merit.)

They perform this "verification" by charging the organisation in question nine US dollars. (OK, some of them charge more than that, and others charge less.)

When it is pointed out to these organisations that there is absolutely no reason to believe the certificates they issue, they introduce a new product called "Extended Validation", where "Extended" means "this time, we actually fucking do what we spent the last ten years lying about doing".

SSH uses a different method:

The first time you connect to a server, SSH shows you the server's "fingerprint", giving you the opportunity to confirm that the server really is the one you were trying to reach.

If you confirm that the fingerprint is the right one (and here the SSH process falls down; mostly people don't know what the fingerprint for a new server should be, so they just assume it's the right one), your SSH client remembers that server's identity for you.

When you connect to that server in future, your SSH client is able to determine that the server is the same one that showed you the initial fingerprint.

Supporters of HTTPS claim that their method is better, because even the first connection is verified by an organisation they trust. But consider the real risk that people actually face:

You have an existing relationship with Bank X.

Whenever you to go the Bank X web site, your browser checks the certificates, which confirm that the web site belongs to an organisation called "Bank X".

Later, by accident, or due to malicious tampering with the network, or because you click a misleading link in a phishing email claiming to be from Bank X, you click on the link to your attacker's web site.

Your web browser checks the certificates, and confirms that the web site really does belong to an organisation called "BankXX". It does not know the one thing you really want and need to know: that "BankXX" is just an attacker who has nine US dollars, and has nothing to do with the "Bank X" you have visited in the past. It does know, and could but does not tell you, that it is a party you have never communicated with before.

What you want is to know that, after a trusted introduction, that you are still communicating with the same party that you were introduced to. What HTTPS gives you instead is an assurance that the party is who they claim to be, even if that claim has been crafted to deceive you into thinking it is another party.

The first thing you've gotta give it a name that no-one forgets. And make sure to stay true to your core issues, which are censorship and personal freedom. In the years ahead, Labor and Liberal will desert that whole area because they're being increasingly infiltrated by church and morals groups and the Greens will probably go the same way as they get bigger and start to take on those kind of trappings. For the next twenty years Australia is going to need a really strong civil liberties party.

At the close of the most disappointing election campaign in my lifetime, I find the policies and priorities of the governing party and the opposition abhorrent and embarrassing. Instead of trying to inform the public and persuasively argue for what they stand for, today these parties are trying to guess what will appeal to the masses. I see no cause for hope that it will be different in the future.